Apache mod_security settings for WordPress and ModX

If you use the apache mod_security module on your apache server, you might encounter wrong 403 errors for several URL's of the cms systems. Here are some exception rules to avoid that: For WordPress Blogs <locationmatch "/wp-admin/admin-ajax.php"> SecRuleRemoveById 300013 SecRuleRemoveById 300015 SecRuleRemoveById 300016 SecRuleRemoveById 300017 </locationmatch> <locationmatch "/wp-admin/page.php"> SecRuleRemoveById 300013 SecRuleRemoveById 300015 SecRuleRemoveById 300016 SecRuleRemoveById ... Read more

Change of mail header form field identifier from ISPConfig 2 to ISPConfig 3

If you have a local mail server installed and change your server controlpanel to ISPConfig 3, having used ISPConfig 2 in the past, you may have to change the value that defines the form field observed by all functions in need of the address that mails are supposed to be delivered to (catchalls, etc.) on ... Read more

Update to latest Spamassassin filter rules in ISPConfig 2

The ISPConfig 2 controlpanel installs its own copy of Spamassassin in the folder /home/admispconfig/ispconfig/tools/spamassassin . To update the Spamassassin filter rules in ISPConfig 2, run this command as root user: /home/admispconfig/ispconfig/tools/spamassassin/usr/bin/sa-update To test if Spamassassin works with the new ruleset, run this command: /home/admispconfig/ispconfig/tools/spamassassin/usr/bin/spamassassin --lint If it does not return an error message, then Spamassassin is ... Read more

How to solve the PHP XCache error: /dev/zero: No space left on device

If you get the error "/dev/zero: No space left on device" in the apache error.log on a OpenVZ virtual machine, then the shared memory size in the xcache.ini is too high or the xcache.mm_path is set wrong. Edit the file /etc/php5/conf.d/xcache.ini vi /etc/php5/conf.d/xcache.ini and check the mm_path. On a OpenVZ virtual machine it should be ... Read more

Secure /tmp and /dev/shm directories in a OpenVZ enviroment

The /tmp and /dev/shm directories of a OpenVZ virtual machine shall be mounted without suid and exec permissions. To achieve this, create a a shell script on the host server for every virtual machine which contains the commands to remount the directories. This script will be started automatically by openvz when the VM is started. ... Read more

How to update Spamassassin on ISPConfig 2

The spamassassin installation on a ISPConfig 2 server is normally updated together with ISPConfig. Here are the steps iIf you want to update spamassassin manually without updating ISPConfig 2: Download the latest Spamassassin sources and unpack the tar.gz file cd /tmp wget http://ftp.fernuni-hagen.de/ftp-dir/pub/mirrors/\ www.apache.org/spamassassin/source/Mail-SpamAssassin-3.3.1.tar.gz tar xfz Mail-SpamAssassin-3.3.1.tar.gz Configure, make and install spamassassin cd Mail-SpamAssassin-3.3.1 perl ... Read more

Apache webserver: redirect requests for domain.com to www.domain.com

Many webmasters want to redirect users that access their websites with "domain.tld" automatically to "www.domain.tld". If you use the Apache web server, you can do this by using Apache rewrite rules. Add a .htaccess file with the following content in the root directory of the website: RewriteEngine On RewriteCond %{HTTP_HOST} !^www\.domain\.com RewriteRule (.*) http://www.domain.com/$1 [L,R=301] ... Read more

How to fix the spamassassin bug with the FH_DATE_PAST_20XX rule

Since january 1 2010, spamassassin is falsely marking non spam emails as spam due to an error in the regular expression of the FH_DATE_PAST_20XX rule. Description of the bug: https://secure.grepular.com/blog/index.php/2010/01/01/spamassassin-2010-bug/ To fix this, run the following command on the shell as root user: sa-update If you use the software ISPConfig 2 on your server, run ... Read more